Tech News

BrainChip makes a major push in the AI-laden chip market by unveiling Akida Neuromorphic System on Chip (NSoC) that implements an advanced neural network architecture called Spiking Neural Network (SNNs). The Akida NSoC is considered to be the first commercial AI chip that can perform Neuromorphic computation, which holds significance in accelerating AI processes. Neuromorphic computation is inspired from the operations of neurons in human biology. Spiking Neural Networks (SNNs) is a 3rd generation Neural Network architecture that is promising for effectively processing edge applications. Edge computing finds its application in the latest technological advancements like Autonomous vehicle systems, Drones, Machine vision, among others that requires significantly complex backend to deal with huge data and perform heavy lifting tasks. SNNs are proven to be more powerful when compared to traditional Convolutional neural networks (CNNs) since they replace the computation-heavy algorithms like backpropagation and use the biologically inspired neuron operations. The SNNs use feedforward mechanism for training through a reinforcement style of learning. Features of Akida NSoC Designed to be used as a stand-alone processor and accelerator managing both the logic tasks and interface with other working parts. The chip includes sensor interface for pixel-based imaging, Lidar, audio, dynamic vision, and analogous signals. Includes a high speed data interface Embedded data-to-spike converters for converting the row data into spikes for training SNNs. The chip uses CMOS logic for lower power consumption. Scalable architecture to enable users to perform complex neural network training and interfacing. Both the advances - Neuromorphic computation and SNNs are seeing a rise in business use cases but with a challenge of scarce hardware platform that can harness the capabilities of SNN architecture. As such, the release of Akida NSoC is narrowing the gap between scientific research in AI acceleration and commercial reality. The industry was long missing the AI implementation for edge and this might just be the beginning of the road to more hardware that brings AI on Edge. To push the niche, BrainChip is collaborating with major global manufacturers to drive early adoption of the Akida NSoC. Baidu releases EZDL Intelligent Edge Analytics Introducing Intel’s OpenVINO computer vision toolkit for edge computing

With 600 commits and 992 files changed, React Native 0.57 was released yesterday. In this release, major improvements are done in the accessibility APIs, and WKWebView-backed implementation is added just as they announced in August, along with several tooling updates. What is new in React Native 0.57? New features Accessibility APIs, used for making apps accessible to people with disabilities, now support accessibility hints, inverted colors, and easier usage of defining the element's role and states. On iOS, WebView can now use WKWebView internally by passing useWebKit={true}. Loosen platform check to improve support for out-of-tree platforms. An implementation of YogaNodeProperties is added, which accesses style and layout properties using a ByteBuffer rather than JNI calls. FlatList and SectionList are now added to Animated exports. Changes Android tooling has been updated to match newer configuration requirements (SDK 27, gradle 4.4, and support library 27) unbundle is renamed to ram-bundle (a breaking change for OSS) Minimum Node version is changed from 8 to 8.3 Flow is upgraded to v0.76.0 ESLint is upgraded to 5.1.0 Babel is upgraded to v7.0.0 The “loading from pre-bundled file” notification won’t show up anymore when not on dev mode StyleSheet.compose is refined so that subtypes of DangerouslyImpreciseStyleProp can flow through the function call without losing their type The use of new Metro configuration is supported in the public react-native CLI react-native-dom is whitelisted in haste/cli config defaults Bug fixes debugger-ui path of react-native CLI was wrong earlier, which is now fixed. Extreme slowness of <TextInput> is fixed Placeholder of TextInput not completely visible on Android is fixed Horizontal <ScrollView> overflow issue is fixed Added support for connecting to the Packager when running the iOS app on device when using custom Debug configuration Fix crash in RCTImagePicker on iOS Removed features ScrollView.propTypes is removed. It is recommended to use flow or typescript for verifying correct prop usage instead. (Breaking change) ReactInstancePackage is now deprecated. It is recommended to use @link ReactPackage or @link LazyReactPackage. To know more about the improvements in React Native 0.57 release, head over to their GitHub repository. React Native 0.57 coming soon with new iOS WebViews React Native announces re-architecture of the framework for better performance Introducing Watermelon DB: A new relational database to make your React and React Native apps highly scalable

Git project released Git 2.19 earlier this week (September 10th, 2018). Git 2.19 brings more Python 3 compatibility work for git p4, a rewritten git submodule now implemented in C. Git Instaweb works better with newer versions of Apache. It also has a git range-diff feature, new capabilities in git grep, branch sorting changes, and a variety of other additions. Features in Git 2.19 A new ‘git range-diff’ tool Developers previously used the git rebase to rewrite history and polish their commits before making them public. git diff shows the difference between the two end states, but it doesn’t provide information about any of the individual commits. This version includes git range-diff, a tool for comparing two sequences of commits, including changes to their order, commit messages, and the actual content changes they introduce. Improvements in ‘git grep’ In Git 2.19 you can now locate the first matching column of your query with git grep --column. git grep also learned the new --only-matching option. This is useful if you have a non-trivial regular expression and want to gather only the matching parts of your search. A new ‘auto’ option The content-transfer-encoding of the message "git send-email" sends out by default was 8bit, which can cause trouble when there is an overlong line to bust RFC 5322/2822 limit.  A new option 'auto' to automatically switch to quoted-printable when there is such a line in the payload has been introduced and is made the default. The branch.sort option and other sorting options The git branch command, like git tag (and their scriptable counterpart, git for-each-ref), takes a --sort option to let you order the results by a number of properties. To show branches in the order of most recent update, you could use git branch --sort=-authordate. However, if you always prefer that order, typing that sort option can get tiresome. This version introduces the branch.sort config to set the default ordering of git branch. By default, git branch sorts by refname, hence master is first and newest is last. The other sorting options include: --sort=numparent shows the best merges. --sort=refname sorts branches alphabetically by their name. --sort=upstream sorts branches by the remote from which they originate. Other improvements in Git 2.19 ‘git submodule foreach’ has been largely rewritten in C. ‘git diff --color-moved’ feature has further improvised. The userdiff pattern for .php has been updated. ‘git instaweb’ has been adjusted to run better with newer Apache on RedHat based distros. Preparatory code to later add json output for telemetry data has been added. Read the complete updates and improvements in the Git 2.19 release notes. Microsoft announces Azure DevOps, makes Azure pipelines available on GitHub Marketplace Packt’s GitHub portal hits 2,000 repositories GitHub parts ways with JQuery, adopts Vanilla JS for its frontend

The Timescale team announced a release candidate, TimescaleDB 1.0, designed to support full SQL, yesterday. TimescaleDB is the first open-source time-series database that scales for fast ingest and complex queries while providing full SQL support. It also natively supports full SQL. TimescaleDB 1.0 comes with features such as native Grafana integration, first-class Prometheus support, and dozens of other new features. The timescale is the company behind the first open-source time-series database and is powered by PostgreSQL. TimescaleDB has helped businesses across the world with mission-critical applications such as industrial data analysis, complex monitoring systems, operational data warehousing, financial risk management, geospatial asset tracking, and more. TimescaleDB 1.0 key Features TimescaleDB 1.0 offers first-class Prometheus support for long-term storage along with native Grafana integration. First-class Prometheus Support There is now an added native support in TimescaleDB to act as a remote storage backend for Prometheus (a monitoring system and time-series database). This adds many benefits to Prometheus such as a full SQL interface, long-term replicated storage, support for late data, data updates, and the ability to JOIN monitoring data against other business data. Native Grafana Integration TimscaleDB 1.0 now comes with a graphical SQL query builder for Grafana and additional support. In addition to these two major features, there are other TimescaleDB features: TimescaleDB 1.0  is fast, flexible, and built to scale. It supports full SQL i.e. it is similar to PostgreSQL on the outside but is architected for time-series internally. TimescaleDB 1.0 provides the largest ecosystem of any time-series database such as Tableau, Grafana, Apache Kafka, Apache Spark, Prometheus, Zabbix support. It is now enterprise ready and offers reliability and tooling of PostgreSQL, enterprise-grade security, and production-ready SLAs. TimescaleDB 1.0 manages time-series data. It offers automatic space-time partitioning, a hypertable abstraction layer, adaptive chunk sizing, and other new functions for easier time-series analytics in SQL. It also comprises features such as geospatial analysis, JSON support, along with easy schema management. TimescaleDB has managed to achieve some significant milestones since its launch in April 2017. It managed to surpass 1 million downloads and 5,000 GitHub stars. It has Bloomberg, Comcast, Cray, Cree, and LAIKA as production users. “Based on all the adoption we’re seeing, it’s becoming clear to us that all data is essentially a time-series data. We’re building TimescaleDB to accommodate this growing need for a performant, easy-to-use, SQL-centric, and enterprise-ready time-series database,” says Ajay Kulkarni, Timescale founder on the TimeScale announcement page. To get started, download TimescaleDB (installation instructions). You can explore the first release candidate for TimescaleDB 1.0 at Github or on Docker. For more information, check out the official release notes. Introducing Watermelon DB: A new relational database to make your React and React Native apps highly scalable Say hello to FASTER: a new key-value store for large state management by Microsoft IBM Files Patent for “Managing a Database Management System using a Blockchain Database”

Details of new Apple products - 3 new iPhones - that were meant to be released at today's launch event at 10.00 am PT, have been leaked thanks after the Apple sitemap revealed the names of the 3 new products. According to Allthings.how, the sitemap revealed the names of iPhone XS and IPhone XS Max, as well as the iPhone XR (the cheaper LCD option). Apple now appears to be aware of the leak and has removed the sitemap links. What else was revealed in the Apple sitemap? You could find considerable details about the new products in the sitemap. A report by Apple tech website 9to5mac.com found, for example: The new iPhone XR will come in blue, coral, red, black, white, and yellow The XR also has 3 storage options:  64 GB, 128 GB and 256 GB New Apple Watch models will be available in both 40 mm and 44 mm sizes. Color options are silver, space gray, and gold aluminum How was the Apple sitemap leaked? It didn't require much effort to actually get in to the Apple sitemap and uncover details about the new products. Guilherme Rambo, who works for 9to5mac revealed on Twitter that he simply "used the URL pattern from the last event and guessed the device’s names." https://twitter.com/_inside/status/1039604702697144322 Essentially, if you go to the page for Apple's 2017 event, you can then take a look at the URL path where the images on the page are stored, and then swap out '2017' for '2018'. The launch is due to happen in just a matter of hours. Although it will certainly be irritating for Apple, a company which prides itself on controlling launches to every last detail, it's probably not going to cause too much damage. At the very least it will boost awareness of the event - something the team in Cupertino probably won't complain about.

Currently, free and open source software means anyone can modify and repurpose it for their needs. This also means that companies can take advantage of such open source software and use it for their commercial advantage. The ‘commons’ clause aims to change that and forbids monetization that mostly entails commercial use. The case in favor of the commons clause Companies that commercialize open source projects don’t give much back and this is an abuse of open source projects. The projects are open source for the idea to promote sharing and learning, not necessarily for tech giants to use it commercially make money from projects that were available freely. This is not illegal but can be just viewed as an abuse of open source projects where it is being used to make money without the creators/community getting anything back. What is the commons clause? The Commons Clause website states contributed by FOSSA, the founder and CEO is Kevin Wang. The task of drafting the commons clause was handed over to open source lawyer Heather Meeker. It is not a license itself but an additional clause that can be added to open source project licenses. It adds a narrow commercial restriction on top of the existing open-source license. The additional clause restricts the ability to ‘sell’ the software while keeping all the original license permissions unchanged. This is in the interest of preserving open source projects and helping them thrive. To avoid any confusion, when commons clause is added to a project, it is no longer ‘open source’ by the formal definition. Adding commons clause means the project still has many elements aligning to an open source project like free access, freedom to modify and redistribute but not sell. Basically, when commons clause is added to a project, the project can no longer be monetized. The Commons Clause FAQ states: “The Commons Clause was intended, in practice, to have virtually no effect other than force a negotiation with those who take predatory commercial advantage of open source development. In practice, those are some of the biggest technology businesses in the world, some of whom use open source software but don’t give back to the community. Freedom for others to commercialize your software comes with starting an open source project, and while that freedom is important to uphold, growth and commercial pressures will inevitably force some projects to close. The Commons Clause provides an alternative.” The case against the commons clause There are discussions on various forums regarding this clause with conflicting views. So, I will try to give my views on this. Opposers of the clause believe a software becomes propriety on applying commons clause. This means that any service created from the original software remains the intellectual property of the original company to sell. The fear is that this would discourage the community from contributing to open-source projects with a commons clause attached since the new products made will remain with the company. Only they will be able to monetize it if they choose to do so. On the one hand, companies that make millions of dollars from open source software and giving anything back is not in line with the ethos of open source software. But on the other hand, smaller startups and individual contributors get penalized by this clause too. What if small companies contribute to a large open source project and want to use the derived product for their growth? They can’t anymore if the commons clause is applied to the project they contributed to. It is also not right to think that a contributor deserves 50% of the profits if a company makes millions of dollars using their open source project. What can be done then? The commons clause doesn't really help the open source community, it only prevents bigger companies from monetizing it unfairly. I think major tech companies can license open source software strictly for commercial use separately. Perhaps a financial profit benchmark (say $100,000) can be made for paid licensing. That is, if you make x money from the open source software, pay for a license for further use. This will help small companies from running out of money and force closing their source. The commons clause currently is at 1.0, and there will be future revisions. It was recently adopted by Redis after Amazon using their open source project commercially. For more information, you can visit the Commons Clause website. Storj Labs’ new Open Source Partner Program: to generate revenue opportunities for open source companies Home Assistant: an open source Python home automation hub to rule all things smart NVIDIA open sources its material definition language, MDL SDK

Sphero, a robotic toy building company announced their latest Bolt robotic ball aimed at teaching kids basic programming. It has advanced sensors, an LED matrix, and infrared sensors to communicate with other Bolt robots. The robot itself is 73mm in diameter. There’s an 8x8 LED matrix inside a transparent casing shell. This matrix displays helpful prompts like a lightning bolt when Bolt is charging. Users can fully program the LED matrix to display a wide variety of icons connected to certain actions. This can be a smiley face when a program is completed, sad face on failure or arrow marks for direction changes. The new Bolt has a longer battery life of around two hours, charges back up in six hours. It connects to the Sphero Edu app to use community created activities, or even to build your own analyze sensor data etc. The casing is now transparent instead of the opaque colored ones from previous Sphero balls. The sphere weighs 200g in all and houses infrared sensors that allow the Bolt to detect other nearby Bolts to interact with. Users can program specific interactions between multiple Bolts. The Edu app supports coding through drawing on the screen or via Scratch blocks. You can also use JavaScript to program the robot to create custom games and drawing. There are sensors to track speed, acceleration, and direction, or to drive BOLT. This can be done without having to aim since the Bolt has a compass. There is also an ambient light sensor that allows programming the Bolt based on the room’s brightness. Other than education, you can also simply drive BOLT and play games with the Sphero Play app. Source: Sphero website It sounds like a useful little robot and is available now to consumers for $149.99. Educators can also buy BOLT in 15-packs for classroom learning. For more details, visit the Sphero website. Is ROS 2.0 good enough to build real-time robotic applications? Spanish researchers find out. How to assemble a DIY selfie drone with Arduino and ESP8266 ROS Melodic Morenia released

eBay’s new technology - ‘HeadGaze’ allows physically impaired users to interact with their iPhone X screen through head movements. HeadGaze was developed by eBay’s computer vision team and a team of eBay interns led by Muratcan Cicek. Cicek is a software engineer and PhD student who uses assistive technology as an aid for his motor impairment disability. Leveraging Apple’s ARKit platform and the iPhone X’s TrueDepth front-facing camera, HeadGaze allows applications to track user’s head motions for guiding the on-screen cursor. This technology isn’t available on eBay yet. However, the underlying technology is available on GitHub for general use. How does HeadGaze work? This augmented reality software includes a virtual stylus that follows the user’s head motions to move the cursor toward scrollbars and other interactive buttons. Head motions are tracked using the 3D sensors in the TrueDepth camera, which is the same hardware that enables Apple’s Face ID unlock feature. This helps users to transmit input commands by subtle head movements. For example, to register a click, the technology will detect how long the cursor has been in one spot and then triggers the desired action. Head-based controls and the new UI widgets implemented by the device makes hands-free interactions easy. The team has put this technology to test by developing the HeadSwipe app (also open-sourced via HeadGaze). This app allows users to swipe deals on eBay with the help of different head movements. Users can scroll through various pages on the app, browse deals, buy items and so on, without having to use finger movements. Similar to Google’s “wheelchair accessible” routes to transit navigation in Google Maps, HeadGaze is trying to impact the lives of millions of people worldwide by open sourcing its source code. This idea can be broadened to many disciplines- imagine having to take an urgent call while your hands are occupied or scroll through the Map while driving your car. The possibilities of this tech appear to be limitless. It wouldn’t be a surprise if this technology takes the market by storm! To read an in-depth coverage on the workings of this software, head over to eBay’s official blog. Apple announces a Special Event to reportedly launch new products including “iPhone XS” and OS updates Magic Leap teams with Andy Serkis’ Imaginarium Studios to enhance Augmented Reality Magic Leap’s first augmented reality headset, powered by Nvidia Tegra X2, is coming this Summer  

A team of researchers from MIT Lincoln Laboratory's Intelligence and Decision Technologies Group have created a neural network, named the Transparency by Design Network ( TbD-net). This network is capable of performing human-like reasoning to respond to questions about the contents of images. The Transparency by Design model visually renders its thought process to solve problems, thereby, helping human analysts analyze its decision-making process. The developers of Transparency by Design network built it with an aim to make the inner workings of the neural network transparent, meaning it focuses on finding out how the neural network works and thinks what it thinks.  One such example is finding out answers to questions like “what do the neural networks used in self-driving cars think the difference is between a pedestrian and stop sign?”, “when was the neural network able to come up with that difference?”, and so on.  Finding out these answers will help researchers teach the neural network to correct incorrect assumptions. Other than that, Transparency by Design Network closing the gap between performance and interpretability, which is a common problem with today’s neural networks. "Progress on improving performance in visual reasoning has come at the cost of interpretability,” says Ryan Soklaski, a TbD-net developer, as mentioned in the MIT blog post. The TbD-net comprises a collection of "modules," which are small neural networks specialized to perform specific subtasks. So, whenever a visual-reasoning question is asked to TbD-net about an image, it first breaks down a question into subtasks, then assigns the appropriate module to fulfill its part. According to Majumdar, another TbD-net developer, "Breaking a complex chain of reasoning into a series of smaller subproblems, each of which can be solved independently and composed, is a powerful and intuitive means for reasoning”. After this, each module learns from the module before it and eventually produces the final, correct answer. Each module's output is visually presented in an "attention mask” which shows heat-map blobs over objects within an image that the module considers an answer. Overall, for the entire process, TbD-net uses AI techniques such as Adam optimization to interpret the human language questions and break these sentences into subtasks. It also uses multiple computer vision AI techniques like convolution neural networks that help interpret the imagery and uses visual reasoning to share its decision-making process. When TbD-net was put to test, it achieved results surpassing the best-performing visual reasoning models. The model was evaluated using a visual question-answering dataset. This dataset consisted of 70,000 training images and 700,000 questions as well as test and validation sets of 15,000 images and 150,000 questions. The model managed to achieve a whopping 98.7 percent test accuracy on the dataset. But, the developers further improved this model’s result, achieving 99.1 % accuracy on the CLEVER dataset, with the help of regularization and increasing the spatial resolution. The attention masks produced by the modules helped the researchers figure out what went wrong, thereby, helping them refine the model. This further resulted in a performance of 99.1 percent accuracy. "Our model provides straightforward, interpretable outputs at every stage of the visual reasoning process,” says Mascharka. For more information, be sure to check out the official research paper. Optical training of Neural networks is making AI more efficient Diffractive Deep Neural Network (D2NN): UCLA-developed AI device can identify objects at the speed of light MIT’s Duckietown Kickstarter project aims to make learning how to program self-driving cars affordable

Earlier this month, Microsoft Azure Cloud was experiencing problems that left users unable to access its cloud services. The outage in South Central US affected several Azure Cloud services and caused them to go offline for U.S. users. The reason for the outage was stated as “severe weather”. Microsoft is currently conducting a root cause analysis to find out the exact reason. Many services went offline due to cooling system failure causing the servers to overheat and turn themselves off. What did the RCA reveal about the Azure outage High energy storms associated with Hurricane Gordon hit the southern area of Texas near Microsoft Azure’s data centers for South Central US. Many data centers were affected and experienced voltage fluctuations. Lightning-induced increased electrical activity caused significant voltage swells. The rise in voltages, in turn, caused a portion of one data center to switch to generator power. The power swells also shut down the mechanical cooling systems despite surge suppressors being in place. With the cooling systems being offline, temperatures exceeded the thermal buffer within the cooling system. The safe operational temperature threshold exceeded which initiated an automated shutdown of devices. The shutdown mechanism is installed to preserve infrastructure and data integrity. But in this incident, the temperatures increased pretty quickly in some areas of the datacenter causing hardware damage before a shutdown could be initiated. Many storage servers and some network devices and power units were damaged. Microsoft is taking steps to prevent further damage as the storms are still active in the area. They are switching the remaining data centers to generator power to stabilize power supply. For recovery of damaged units, the first step taken was to recover the Azure Software Load Balancers (SLBs) for storage scale units. The next step was to recover the storage servers and the data on them by replacing failed components and migrating data to healthy storage units while validating that no data is corrupted. The Azure website also states that the “Impacted customers will receive a credit pursuant to the Microsoft Azure Service Level Agreement, in their October billing statement.” A detailed analysis will be available on their website in the coming weeks. For more details on the RCA and customer impact, visit the Azure website. Real clouds take out Microsoft’s Azure Cloud; users, developers suffer indefinite Azure outage Microsoft Azure’s new governance DApp: An enterprise blockchain without mining Microsoft Azure now supports NVIDIA GPU Cloud (NGC)

Unit 42 of the Palo Alto Networks reported about two new variants of the IoT botnets named Mirai and Gafgyt last week on September 7, 2018. The former IoT botnet targets vulnerabilities in Apache Struts and the latter in older, unsupported versions of SonicWall’s Global Management System (GMS). Researchers at Palo Alto Networks said, “Unit 42 found the domain that is currently hosting these Mirai samples previously resolved to a different IP address during the month of August. During that time this IP was intermittently hosting samples of Gafgyt that incorporated an exploit against CVE-2018-9866, a SonicWall vulnerability affecting older versions of SonicWall Global Management System (GMS). SonicWall has been notified of this development.” Mirai variant botnet exploit in Apache Struts The Mirai botnet exploit targets 16 different vulnerabilities, which includes the Apache Struts arbitrary command execution vulnerability CVE-2017-5638 , via crafted Content-Type, Content-Disposition, or Content-Length HTTP headers. The same Mirai bug was associated with the massive Equifax data breach in September 2017. This botnet had previously targeted routers and other IoT based devices which was revealed around end of May 2018. However, in the case of Mirai botnet, this is the first instance where it has targeted a vulnerability in Apache Struts. This new Mirai variant is also targeting vulnerabilities such as: the Linksys E-series device remote code execution flaw, a D-Link router remote code execution flaw, an OS command injection security flaw affecting Zyxel routers, an unauthenticated command injection flaw affecting AVTECH IP devices and more. Here’s the complete list of all exploits incorporated in this Mirai variant. Gafgyt variant exploit in SonicWall GMS The Gafgyt variant is targeting a security flaw, CVE-2018-9866 discovered in July that affects old, unsupported versions of SonicWall Global Management System (GMS) that is, versions 8.1 and older. The vulnerability targeted by this exploit is caused by the lack of sanitization of XML-RPC requests to the set_time_config method. There is currently no fix for the flaw except for GMS users to upgrade to version 8.2. Researchers noted that these samples were first surfaced on August 5, less than a week after the publication of a Metasploit module for this vulnerability. Some of its configured commands include launching the Blacknurse DDoS attack. Unit 42 researchers said, “Blacknurse is a low bandwidth DDoS attack involving ICMP Type 3 Code 3 packets causing high CPU loads first discovered in November 2016. The earliest samples we have seen supporting this DDoS method are from September 2017.” The researchers also mentioned, "The incorporation of exploits targeting Apache Struts and SonicWall by these IoT/Linux botnets could indicate a larger movement from consumer device targets to enterprise targets. These developments suggest these IoT botnets are increasingly targeting enterprise devices with outdated versions." In an email directed to us, SonicWall mentions that "The vulnerability disclosed in this post is not an announcement of a new vulnerability in SonicWall Global Management System (GMS).  The issue referenced only affects an older version of the GMS software (version 8.1) which was replaced by version 8.2 in December 2016. Customers and partners running GMS version 8.2 and above are protected against this vulnerability.  Customers still using GMS version 8.1 should apply a hotfix supplied by SonicWall in August 2018 and plan for an immediate upgrade, as GMS 8.1 went out of support in February 2018.  SonicWall and its threat research team continuously updates its products to provide industry-leading protection against the latest security threats, and it is therefore crucial that customers are using the latest versions of our products. We recommend that customers with older versions of GMS, which are long out of support, should upgrade immediately from www.mysonicwall.com." To know more about these IoT botnet attacks in detail, visit Palo Alto Networks Unit 42 blog post. Build botnet detectors using machine learning algorithms in Python [Tutorial] Cisco and Huawei Routers hacked via backdoor attacks and botnets How to protect yourself from a botnet attack

Google’s PAIR ( People + AI Research ) team has come out with a new tool called “What-if”. It is a new feature in the open-source TensorBoard web application which allows users to analyze an ML model without the need of writing code. It also provides an interactive visual interface which lets you explore the model results. The “What-if” tool comes packed with two major features namely, Counterfactuals, and Performance and Algorithmic Fairness analysis. Let’s have a look at these two features. Counterfactuals What-if allows you to compare a datapoint to the most similar point where your model predicts a different result. These points are known as "counterfactuals”. It lets you edit a datapoint by hand and explore the prediction changes in a model’s a. In the figure below, the What-if tool is used on a binary classification model which predicts whether a person’s income is more than $50k depending on public census data from the UCI census dataset. Comparing counterfactuals This is a prediction task used by ML researchers when analyzing algorithmic fairness. So, here the model made a prediction that the person’s income is more than $50k for the selected datapoint. The tool then automatically locates the most-similar person in the dataset for which earnings of less than $50k had been predicted in the model and compares the two cases side-by-side. Performance and Algorithmic Fairness Analysis With the What-if tool, exploring the effects of distinct classification thresholds is also possible. The tool considers constraints such as different numerical fairness criteria. The figure below presents the results of a smile detector model which has been trained on the open-source CelebA dataset. The CelebA dataset comprises annotated face images of celebrities.            Comparing the performance of two slices of data in a smile detection model  In the figure above, the datasets have been divided by whether the people have brown hair. Each of the two groups in the figure has a ROC curve and a confusion matrix of the predictions. It also includes sliders for setting how confident the model must be before determining that a face is smiling. Here, the What-if tool automatically sets up the confidence thresholds for the two groups in order to optimize for equal opportunity. Apart from these major features, the What-if tool also explores features such as visualizing your dataset directly using Facets and manually editing examples from your dataset along with automatic generation of partial dependence plots ( shows how the model’s predictions change with any single feature changing). Additionally, the Google’s PAIR team released a set of demos using pre-trained models to illustrate the capabilities of the What-If Tool. Some of these demos include detecting misclassifications (A multiclass classification model), assessing fairness in binary classification models (image classification model), and investigating model performance across different subgroups (A regression model). “We look forward to people inside and outside of Google using this tool to better understand ML models and to begin assessing fairness,” says the PAIR team. For more information on What-if, be sure to check out the official Google AI blog. Dr. Fei Fei Li, Google’s AI Cloud head steps down amidst speculations; Dr. Andrew Moore to take her place Introducing Deon, a tool for data scientists to add an ethics checklist Google wants web developers to embrace AMP. Great news for users, more work for developers

In a post yesterday, the AWS Developer team has announced that AWS Lambda support will be provided for PowerShell Core 6.0. Users can now execute PowerShell Scripts and functions in response to Lambda events. Why should Developers look forward to this upgrade? The AWS Tools for PowerShell will allow developers and administrators to manage their AWS services and resources in the PowerShell scripting environment. Users will be able to manage their AWS resources with the same PowerShell tools used to manage Windows, Linux, and MacOS environments. These tools will let them perform many of the same actions as available in the AWS SDK for .NET. What’s more is that these tools can be accessed from the command line for quick tasks. For example: controlling Amazon EC2 instances. The PowerShell scripting language composes scripts to automate AWS service management. With direct access to AWS services from PowerShell, management scripts can take advantage of everything that the AWS cloud has to offer. The AWS Tools for Windows PowerShell and AWS Tools for PowerShell Core are flexible in handling credentials including support for the AWS Identity and Access Management (IAM) infrastructure. To understand how the support works, it is necessary to set up the appropriate development environment as shown below. Set up the Development Environment This can be done in a few simple steps- 1. Set up the correct version of PowerShell 2. Ensure Visual Studio Code is configured for PowerShell Core 6.0. 3. PowerShell Core is built on top of .NET Core hence install .NET Core 2.1 SDK 4. Head over to the PowerShell Gallery and install AWSLambdaPSCore module The module provides users with following cmdlets to author and publish Powershell based   Lambda functions- Source: AWS Blog You can head over to the AWS blog for detailed steps on how to use the Lambda support for PowerShell. The blog gives readers a simple example on how to execute a PowerShell script that ensures that the Remote Desktop (RDP) port is not left open on any of the EC2 security groups. How to Run Code in the Cloud with AWS Lambda Amazon hits $1 trillion market value milestone yesterday, joining Apple Inc Getting started with Amazon Machine Learning workflow [Tutorial]

Yesterday, researchers at Facebook introduced a machine learning system named, Rosetta for scalable optical character recognition (OCR). This model extracts text from more than a billion public Facebook and Instagram images and video frames. Then, this extracted text is fed into a text recognition model that has been trained on classifiers, which helps it understand the context of the text and the image together. Why Rosetta is introduced? Rosetta will help in the following scenarios: Provide a better user experience by giving users more relevant photo search results. Make Facebook more accessible for the visually impaired by incorporating the texts into screen readers. Help Facebook proactively identify inappropriate or harmful content. Help to improve the accuracy of classification of photos in News Feed to surface more personalized content. How it works? Rosetta consists of the following text extraction model: Source: Facebook Text extraction on an image is done in the following two steps: Text detection In this step, rectangular regions that potentially contain the text are detected. It performs text detection based on Faster R-CNN, a state-of-the-art object detection network. It uses Faster R-CNN but replaces ResNet convolutional body with a ShuffleNet-based architecture for efficiency reasons. The anchors in regional proposal network (RPN) are also modified to generate wider proposals, as text words are typically wider than the objects for which the RPN was designed. The whole detection system is trained jointly in a supervised, end-to-end manner. The model is bootstrapped with an in-house synthetic data set and then fine-tuned with human-annotated data sets so that it learns real-world characteristics. It is trained using the recently open-sourced Detectron framework powered by Caffe2. Text recognition The following image shows the architecture of the text recognition model: Source: Facebook In the second step, for each of the detected regions a convolutional neural network (CNN) is used to recognize and transcribe the word in the region. This model uses CNN based on the ResNet18 architecture, as this architecture is more accurate and computationally efficient. For training the model, finding what the text in an image says is considered as a sequence prediction problem. They input images containing the text to be recognized and the output generated is the sequence of characters in the word image. Treating the model as one of sequence prediction allows the system to recognize words of arbitrary length and to recognize the words that weren’t seen during training. This two-step model provides several benefits, including decoupling the training process of detection and recognition models, recognition of words in parallel, and independently supporting text recognition for different languages. Rosetta has been widely adopted by various products and teams within Facebook and Instagram. It offers a cloud API for text extraction from images and processes a large volume of images uploaded to Facebook every day. In future, the team is planning to extend this system to extract text from videos more efficiently and also support a wide number of languages used on Facebook. To get a more in-depth idea of how Rosetta works, check out the researchers’ post at Facebook code blog and also read this paper: Rosetta: Large Scale System for Text Detection and Recognition in Images. Why learn machine learning as a non-techie? Is the machine learning process similar to how humans learn? Facebook launches a 6-part Machine Learning video series

A new version of JUnit v5.3 was released last week. There are some changes and new features like parallel test execution, enhancements to AssertThrows, and others in this new version. JUnit is a popular unit testing framework for the Java which has been instrumental to the rise of test-driven development. Below are some of the key highlights of JUnit 5.3. Capturing output from a console It is now possible to capture System.out and System.err output using a TestExecutionListener in Junit 5.3. Capturing console output may not be a frequent need, but can become necessary in some cases such as when working on legacy code bases where statements are being written to console and viewing them can be useful. There are two steps to get this working, implementing a TestExecutionListener and configuring surefire to start capturing console output. Enhancements to AssertThrows The assertThrows assertion is updated to display the value a method returns. This works only if the method runs successfully and returns a value and no exception is thrown. It can be helpful for debugging a failing test case. Parallel test execution Parallel test execution is now enabled and can be configured via build files. This can be a pom.xml, build.gradle etc. The parallel test execution behavior can be changed at both, method and class levels with the annotations: @Execution and @ResourceLock. For detailed information on configuring and using parallel test execution in JUnit 5, check out the user guide. Other changes There are also some libraries and tools updated that are used with JUnit like filtering changes with native support, enhanced mockito dependency injection support, updates to AssertJ Soft Assertions and opentest4J. JUnit 5.3.1 was released on September 9, shortly after JUnit 5.3 and there are some minor fixes. There is another major change where variants of assertThrows() introduced in JUnit 5.3.0 that accepted ThrowingSupplier arguments are now removed. For a full list of bug fixes and changelogs, visit the JUnit website and to learn how to use the features, check out the user guide. Unit testing with Java frameworks: JUnit and TestNG [Tutorial] Unit Testing Apps with Android Studio Unit Testing in .NET Core with Visual Studio 2017 for better code quality